tech.am

The SGAE (Sociedad General de Autores y Editores, or General Ass. of Authors & Editors), is Spain’s equivalent of the RIAA. I was rather amused by this video, where a couple of members of a TV show attempt and succeed at connecting to the SGAE’s WiFi network (it had no encryption enabled!), and download music – alledgedly pirated. They then add an extra twist by actually walking into the SGAE’s offices and asking to see someone, laptop in hand, saying they have just had an attack of good will and want to turn themselves in…

The audio is in spanish, but you will get the general idea even if you don’t understand the talk. My oppinion is that they shouldn’t have done this, as connecting to WiFi networks without the owner’s permission is illegal in most countries, Spain included – so they have actually provided potential prosecutors a perfect piece of evidence.

Yesterday I read some news about Chumby, a new WiFi device being released soon, costing $150, and which looks like an alarm clock on steroids. It features a color screen, the ability to run widgets, hackable hardware, and a squishterface (just made that up, to try to describe the squeeze sensor that the soft case uses to provide user input).

The company behind the Chumby actively promotes hacking the product in any way you want, so this could become another Roomba, albeit cooler (yes, I know, the Roomba moves, so what!). I have signed up to try and get an early sample, let’s see if they consider my arguments.

A few words of constructive criticism – when creating an account, the country drop-down list is not in alphabetical order, so you spend quite a bit of time trying to find yours (US users will have it easy, as it is the default). Additionally, once the steps are completed, you are asked to enter the device ID and give it a name, after which you end up staring at a white page with the big black words: “Application error (Rails”. Whatever that means.

I read a couple of days ago about an initiative by a small team of Microsoft coders to create a tool that will make managing WiFi connectivity easier, with features such as bookmarks, network management, a hotspot locator, and interestingly, a VPN solution.

On the surface, it looks like hotspot directories JiWire or WiFi411, but the VPN is what interests me. Currently, this is an expensive add-on service offered mostly to business users to secure their traffic while on public hotspots. If Microsoft can make VPN connectivity to secure traffic for any user, it would solve many problems, and give the Wall of Sheep at DEFCON a very hard time. My only doubt about this service is if and how much it will cost.

The blog entry talks about being in beta, and thus more features being in the pipeline, so this is one I’ll be watching with interest.

Today I am really peeved with my MacBook Pro. This is the second time I start this post, thanks to the almighty never-ever-hangs-honestly OS X. I intended to write a short diatribe about how remaining time for various things is not calculated right.

Let’s get the first part over with. Just before the crash, I woke up the Mac from suspended animation, and surprisingly, the battery monitor reported 158:34 hours of battery life remaining…whoa! Lets assume the average battery life of 3 hours corresponds to a battery capacity of 4Ah (Ampere-hours) – then my Mac carries a 118Ah battery. For reference, your run-of-the-mill car battery has around 70Ah. Go figure.

The second time miss-calculation happened when I extracted an archive with StuffIt, which told me I had over 300 hours to wait…when the file size was only 2MB. I will try to take screenshots next time. It is obvious that these are dumb figures, but one has to wonder why there isn’t a top limit on the values, mainly so that it doesn’t look ridiculous.

Now, for the fuming rant. I am heading back home on the bus, and to kill time, I decided to write this post. To connect to the internet while on the move, I use a Nokia N70 over Bluetooth, which gives me 3G speed (you at the back, stop giggling!). Suddenly, and before I had time to click ‘Save and Continue Editing’ for the first time, the connection froze. I tried to disconnect, and Internet Connect remained stuck on “Disconnecting…”. There was no way to get it to actually finish the disconnection process…then I noticed the N70 was actually frozen too! Cursing my luck, I removed the battery from the phone, switched Bluetooth off on the Mac, tried to kill Internet Connect using the terminal…nothing. Whether the Mac froze the N70 or the other way around is unknown, but it is clear that both have a serious flaw for this to happen.

Shutdown time. I copy-pasted the text I had written into TextEdit, and saved it to the desktop. Then, without closing TextEdit, I tried to restart the Mac, but it was having none of it. As a last attempt, I held the power button down for five seconds, and finally, it shut down. The surprise came after restarting – the text file was gone from the desktop, and with it my half-written post. There was no trace of it anywhere, neither in Finder’s nor in TextEdit’s recent file list…Is this a serious problem?

I admit that so far, the Mac has proven very stable, with very few problems, and minor ones at that. But if it is possible to have incidents like the one I experienced, then the message about how Macs are un-crashable is simply not true. I know that Robert Scoble had a similar problem with a machine just like mine, his post relating to Dave Winer’s crash report. In my case, the damage wasn’t that great, but imagine this happening towards the end of a long process, like encoding a long video edit. Mac accolites will surely say “But Windows crashes too!”. I’d answer “But Microsoft doesn’t go around publishing agressive campaigns saying how Windows PCs are rock-solid in comparison with the monkey-on-acid-squeek-of-death”.

I love my Mac. But I disagree with the hype.

Friday night I attended Michael Arrington’s TechCrunch 7 party, held at August Capital in Menlo Park, where VCs, startups, and where everyone who is anyone was supposed to be. I saw Robert Scoble, Shel Israel, Guy Kawasaki and his permasmile, Michael of course, and a bunch of other people. I also managed to get in touch with those who I had in mind, so all went well.

What I found curious was the large amount of atendees who were wondering around with a clueless face, obviously looking for a VC or famous person to pitch their startup. I talked to a guy that wants people to anonymously share their wage, so that others in the same industry can check whether they are being overpaid (yeah, right!), or driven as slaves. The revenue model? deep breath…ready?……advertising! The startup I’m involved with right now has ads right at the bottom of the food chain, as something nice to have. Here are a few tips for you guys, when you attend the next TechCrunch party:

• Plan who you want to talk to beforehand, and go directly to get them. Arrive early, well before the start time, so you can at least catch Michael, if he is on your list, before he starts getting nervous from all the attention. You will find it quite hard to get him to listen to you at 11:30, with the amount of people he always has around. However, if the person you want to talk to is not such an attention-getter, but likes his spirits (in an alcoholic sense), maybe he will sign you a nice blank check, so it may be worth a longer wait.
• Mount guard in front of the restroom. Everyone is bound to go there at some stage during the party, specially as the flow of beverages increases. Most people won’t follow Scoble to take a pee with him while they discuss the next video blogging development – but you are desperate, so go for it!
• Have a great conversation startup line ready – going up to someone and babbling something about how much you follow their blog or what great things they have done will usually get you a yes-I-know-you-do-like-all-the-other-hundreds-of-thousands-like-you smile, a handshake if you are lucky, and a chance to take your photo with them, but that is it. For example, if you wanted to talk to Guy Kawasaki, you could say “hey Guy, I am looking for advice, so I will ask you for money” (Hint: read his book). Guy, if you read this, let me know if it would have worked – it was the best I could think of.
• Wear a tee that says something about your startup. A colleague of mine wore one that always got the “what is xyz about?” question. Don’t overdoit, so you look like an walking ad, and don’t put your 10 PowerPoint pitch slides on the front and back. A simple, intriguing, eye-catching message will do. As a practical example, take a look at how many pics of that girl with the “hate your job?” tee are on Flickr.
• Take your laptop, making sure the battery is fully charged, and also take a printed copy of your product presentation or pitch. Have it printed on quality paper and nicely bound – it can cost you $50, but will you regret it if it helps bring in $5 million? Don’t take them with you to the party, nothing looks worse than someone walking around with a PowerPoint presentation under his arm – leave them in the car, you can always quickly dash out to get them if someone gets so interested in you that they want to have a more official presentation on the spot.
• Be prepared to take criticism, as you will meet people who are completely oblivious to what you are doing, and may just have some fun taking a big poke at your ideas. This is something that actually happened to me with a guy from this company that starts with Y and ends with hoo!.
• Make yourself a decent badge – don’t just write “Mike” on it, write your name, surname, and the company you represent. I noticed almost everyone that crossed your path looked at your badge, so make it clear and easy to read.

As a whole, the party was quite good. It even had a streaker, who most likely earned only $100, as a proper streaker would have been completely naked (and maybe with a pitch written on his back). There was plenty to eat and drink, and many interesting people to talk with. Some random thoughts:

• One comment to the Pandora guys: next time, invest some money on a decent audio system, the two tiny speakers and cheap microphone just didn’t cut it. Also, place a couple of speakers at the far corners from the stand, otherwise the people at the end don’t even realise someone is giving a speech. The Pandora service itself rocks!
• It was surprising that when we arrived, the registration desk hadn’t received the Wiki list, thus entry was denied to non-sponsors for a while. The situation was quickly resolved, and all turned out well.
• The icecream sandwitches were awsome, please have them around at the next party!
• The lights could have been switched on early, there was a time when it became hard to read other people’s badges.
• It was curious to watch Robert Scoble handle his high-def camera while recording Michael’s speech – he went through like a dozen menus to configure the low-light settings. Whether he had to go through so many options was because they were really needed and he completely masters the menus, or it was him being still a bit new to the camera is unknown. Here is a pic of him handling the thing:

• The Soonr demo was excellent, albeit Song was very excited and looked a tad over-revved. Thanks for the tee! I will be certainly be using your service, the Skype relay looks very promising.
• The Plazes CEO was very dry when we asked him to confirm rumours about their relationship with FON (other than Martin Varsavsky investing in them), and as to them handling the geocoding of FON’s hotspots. There has been a deluge of criticisms towards FON’s Google maps, and the inaccuracy of the positioning of the hotspots, so maybe this was the reason he was uncomfortable.
• I have a theory – Michael Arrington envisioned the riot of people trying to talk to him, and thus placed some convenient doubles around the crowd. This picture is an example:

• The venue was great, plenty of space, plenty of seating, and the weather turned out great – thanks go to Augusta Capital for providing the space, and to Michael for hosting the event.
• Guy Kawasaki seemed to come to take pictures of everything, at least, that’s all I saw him do – when I wanted to find him later on for a quick talk, he was nowhere to be seen.
• I can recommend the Menlo Park Inn if you want accomodation in a well-communicated place (at least by car), and particularly, with free WiFi. The rooms were spacious and tidy, and the breakfast simple but sufficient, and included in the room price.

In all, I had a really good time, got things done, and so I am looking forward to the next one!

This was seen on a Boeing 767 while en route from Las Vegas to Atlanta, the flight being operated by Delta. Apparently, many people were having problems with their purchased movies, and so the crew decided to reset the system, provoking a nicely familiar sight.

Linux on a plane

Now we could all start making jokes about nmapping the plane, or trying to run Asterisk off a USB drive plugged into the management console, which by the way was accessible to anyone who wandered to the toilet and happened to look left. It had a nice big “Reset all” button too, two USB ports, and a gigabit etherenet RJ45. I just hope they don’t run a kernel with some remote_crash_plane() buffer overflow exploit…

I have just returned from a vacation, interluded by a couple of trips – one of them to DEFCON, the world’s largest hacker conference. This year, it ran at the Riviera hotel and casino in Las Vegas at the beginning of august.

There was plenty to see and do, from conferences as interesting as war-rocketing to an insight into the US-VISIT program, and it’s plans to implement RFID tags into the green visa waivers, or the 2D barcode receipts given out at airports.

I participated in the wardriving events, organised by Thorn, and which consisted of the Running Man and Fox Hunt competitions. Our team was led by Renderman, and we had some backup that put up some noise (fake APs, floods, etc.) to make the contest more interesting.

The Running Man started well, but unfortunately the other team tripped casino security by walking past their booth with a magmount omni antenna on each shoulder, a laptop, several WiFi cards dangling from their belts, a YellowJacket, and other gear – apparently, the IT guys freaked out, and they wanted the contest shut down. After the intervention of Ross and Priest, we were allowed to carry on, but limiting the search area to the venue, and not the whole casino. After the contest resumed, we found the Running Man in around 15 minutes, and won!

The second contest, Fox Hunt, consisted of a hidden WRT54G that was only on for 15 seconds every minute. One was supposed to locate the fox, connect to it, and change the SSID after brute-forcing admin account. 15 seconds to do all that is not a lot! So, our plan was to locate the fox….and make a run with it to a safe place, so we could kill the 15 second timer circuit, reduce the amount of RF leaking out and have a go at changing the SSID. The first part of the plan went well, but then the other team got slightly miffed, called Thorn, who in turn called us to go back to the contest table with the WRT so the other team could also have a go at it.

Interestingly, Thorn had taped the admin password to the bottom of the router, but neither team noticed it! In fact, the other team ended up brute-forcing the AP and changing the SSID. We contested that since when we removed and reapplied power to the AP, the SSID went back to its default, we had in fact won, but Thorn wasn’t having any of it. The contest was a tie, which was decided by the question “Who owns the OID 00:00:00?”, the answer to which is Xerox. We got it wrong, and so we lost. Next year we will be better prepared for sure.

Here are a few pictures from the event:

Thorn and Renderman giving their presentation on the Church of Wifi, with CoWPatty, the WPA rainbow table generator, and the WRT54G mods, which included my WaRThog.

The war-rocketing guys, and their awsome rocket. I wonder how they got that thing past airport security.

The WaRThog on the left, with two more of CoWF’s modified WRT54Gs.

If you used DEFCON’s wireless network to check your email, access your corporate network, etc., but didn’t use any form of security (VPN, SSH…), you are bound to be in the Wall of Sheep. It displays captured user names, passwords, domains and access methods – I actually had the two colleagues travelling with me show up here, even though I told them to not even open their laptops while at the con.

See you next year!

The Insides of Athena Unix

Today we will discuss Shell Scripts.  I will start by discussing how and why they are used. 

You will find that most shell scripts are written for the bourne shell.  The reason for this is that all unix systems have the bourn shell, wehreas not all of them have the c shell.  It is possible to write a shell script that runs under the c shell, though, by putting

#!/bin/csh

On the first line of the script.  I will only discuss bourne shell programming here, and you should refer to the man page for the c shell for information on how to write shell scripts which use it.

Simple shell programs are often only one line long.  If there is a command line that you type frequently (often that involves piping the output of one command into another) you can enter that line into a file, and use it as a shell script which can be invoked by its name. For example, suppose you wanted a command that listed all the places you are logged in on a given cluster.

One way to do this would be to issue the command:

rwho | grep {your username}

Now suppose that instead you wanted to do this whenever you typed the command “findme”.  You would then create a file “findme” containing the line above.  Before you can execute the shell script, you have to tell UNIX that the file findme is in fact a program and not just a text file.  You can do this by changing is mode to allow execute access:

chmod a+x findme

At this point, typeing “findme” would perform those commands.  This could have been done using the alias feature instead, so what is so special about shell scripts?  Well, to start with, next time you log in, this command will still be there.  Further,  other people can use the new command you just defined (if they can access the file).
Shell scripts also can be much more complex (several pages for example.

—–
[] arguments

The next useful ability with shell scripts is arguments.  Suppose that you wanted to do the same as we did above, but you want to specify the user on the command line.  Lets call that command “findu”.  If I want to see where bcn is logged in I should be able to say “findu bcn”. Well, this is simple.  Instead of your username, you use the value “$1″.  $1 in a shell script expands to the value  of the first argument.  Similarly, $2 is the second argument, $3 the third and $0 is the name of the command itself.

So findu would look as follow:

rwho | grep $1

Note that arguments are used in the same manner that variables are used.

—
[] for, while do, if then else, and case

Like any other programming language, shell scripts allow various looping and selection constructs.  One of these is the “for” statement.

It’s format is:

for variable in list_of_values
do
  statemtns
done

the list of variables can use *s to select file names.  If you leave out the in list_of values, the for statement will iterate through the arguments given to the shell.    

–
The form of the while do statement is:

while condition
do
  statements
done

This is like the while do statement in most programming languages, so I won’t go into details about it.

–
Then there is the if then else statement.
Its form is:

if condition
then
statements
[elif condition then]
statements
[else]
fi

The elif (else if) and the else statements are optional.  The if statements does just what you would expect.  If the condition is true, then it executes the then part.  If it is false, and if the is an elif, then it check that condition, and executes the then clase of it. If none of the conditions are ture, it executes the else clause.

 The last construct I will talk about is the case statement.  Its form is:

case $variable in

 v1) statement
  break;;
 v2)
  statement
  break;;
 *)

esac
There is also an until statement which is similar to the while statement.

———
[] test

So far, I have mentioned condition, but I haven’t mentioned how to specify conditions.  Conditions are really only the exit status of a program.  Hence, the way you specify a condition is to run a program which will return an error if a condition is face, and will return successfully if it is true.  This program is the test program.  I will very briefly describe the test command.  For more information you can say “man test” when logged in.

Arguments for test are of the form N <primitive> M where N and M are variables or constants, and the promitive is

-eq, -ne, -gt, -lt, -ge, -le    for numbers
= and != for strings.

Alternatively you can say test -f filname to test for existance of a file, -s to check that the file isn’t empty.  -d checks if a file is a directory, -w if it is writable, and -r checks if it is readable. These aren’t all the options to test though. 

In many shell scripts, you may see square brackets around what looks like a test statement.  If square brackets are used, you don’t have to say test.  In other words,

[-f file] 

is equivilant to

test -f file

 
[] use of /tmp

When writing shell scripts, one will often need to use temporary files.  When doing so, a good place to sture these temporary file is in /tmp.  It is important that the temporary file you create has a different name than any file already in tmp.  To do this, you can use the shell variable $$ which translates into the current process number.  In fact, a good name to use is $0$$ which is the name of the current shell script followed by the process ID.  Ussing this name will prevent conflicts with other programs, or different invocations of the same program.

Another thing which is important is to have your shell script remove the file when it is done using it.  This way, /tmp does not fill up.
Files in /tmp in theory are deleted periodically, but the policy is different on different systems.  It never hurts to delete a temporary file that you no longer need.
———
[] interrupts

The trap command is useful for dealing with interrupts such as ^C or hanging up the phone line.   The form for the trap command is:

trap ‘command arguments’ signal1 signal2

for example

trap ‘rm $tmp* ;exit’ 2 1
———
[] exit

This brings us to the last command I want to describe.  The exit command.  The exit command alows one to exit a shell script.  Exit takes an argument, and returns that value.  A zero value usually indicated that the command has run successfuly, whereas a value of 1 usually indicates that an error has occured.

Today is my last day as a Fonero, which is the way people registered in FON’s network are called (IMHO a rather ugly name). Why this decision? There are a number of reasons, and I have chosen to simply make a list.

• The most important reason is that I have taken a position at a company that makes it unethical for me to continue participating in FON. I will no longer post on their forums; however, I will continue to post my thoughts about FON on my blog, and replying to Martin Varsavsky in his blog when I see it appropriate.
• FON has been a downhill experience from day one. I ordered my “social” router, and got charged by PayPal, but no confirmation from the company, no tracking number, nothing. I emailed their support address, no reply. It eventually arrived, admitedly faster than the month or two some people were reporting on the forums. After a few futile attempts at configuring the router to work with my DSL line, and a couple of completely ignored emails to FON support, I simply gave up. The router is now waiting for a PCB to turn it into a WaRThog.
• Every time I see a new crazy idea in Martin’s blog I feel more depressed about the FON project – does he really think WiFi is the way for homeless people to make a living, reselling VoIP services over Bluetooth? (don’t ask!). Where would he send them the money? Then there are the times when he takes a product and claims it was designed by FON, sometimes in secret collaboration with his backers Skype or Google. The latest is the Skype-compatible WiFi phone made by an Accton subsidiary – this is a design that Accton started way before FON even saw it, and way before Martin could have his logos photoshopped onto the mockups. As a matter of fact, out of the box this phone will not work at FON hostspots, as it lacks the browser required to perform user login – so they will have to work some magic.
• The english and spanish forums are another source of disappointment, with daily posts from people complaining about the extremely poor support that FON is providing them. Some have even taken to posting comments on Martin’s blog to air their issues, something blogtiquette considers a no-no. I posted a few days ago about this particular issue.
• They have followed an ill-conceived path to gaining publicity through bloggers, resulting in serious backslash from the spanish blogosphere (see here and here). Martin seems to think that by surrounding himself with top bloggers in exchange for dubious stock options or a seat in the board will get him a free ticket to stardom.
• I believe that FON serves two purposes – one is to give a personal vehicle of shininess to Martin’s ego. See this post by Glenn Fleishman on FON’s crazy deal announcements, later called off as a lie by Speakeasy – typical example of how he manipulates a phone conversation into front-line news. Om Malik also reported on this particular issue. Martin is someone who cannot be seen as co-founding anything, but as a leader and innovator.
  Secondly, FON serves as an experiment for Skype and Google, who somehow convinced Index and Sequoia to go along. I don’t believe the two VC firms are into experiments, but FON would certainly provide good feedback to S & G about socializing WiFi, hardware distribution, and the adoption of the Bill model as a viable way to extend a WiFi network. Other stuff such as amount of logins at each location/router, number of registered users, daily passes sold, etc. would make nice colored graphs in the resulting corporate presentation.
  But, the problem is that FON is a huge fiasco in terms of hardware distribution, firmware development, public relations, and costumer support. I thus question the validity of any figures that come out of this rather expensive experiment.
• Their firmware development process seems to be a closely guarded secret – but not for the same reasons Apple safeguards its own developments. FON started working with Brainslayer, the creator of DD-WRT, a free Linux distribution for Linksys (and other) routers. Apparently, Brainslayer was not very well treated by FON, and he parted to work in the Sputnik project, amongst other developments.
• Just as Mark Evans did, I have voiced my concerns about FON’s business model and strategy – now that they finally launched the Bills, it looks more ill-fated than ever.

I find it really amazing how FON, with the $21.7 million they got in funding, cannot manage to hire a competent team of support personnel, outsource their obviously ill router redistribution system, and get some muscle behind the community effort. Martin Varsavsky is known in Spain for starting companies, pumping them up, and selling at the best possible gain – then leaving them behind with serious problems. Just look at what people think of Jazztel, or what troubles the Ya.com portal went through.

For me, the FON adventure is over, and a new, better adventure is starting. We will start disclosing things around the end of August, so if you want to stay updated, you are welcome to subscribe to the RSS feed.